Le vendredi 20 avril 2012 à 11:50 -0300, Federico Alberto Sayd a écrit :
> >
> I don't know very much about CAS (I am investigating), but if I am not
> wrong, even if OpenFire supports CAS also the web chat application must
> be compatible with CAS,
> in such a case is needed rewrite the javascript
> autentication method in the app.
>
At first thought : no. The client javascript could use
1) as jid, the (logged in) user email address,
2) as password, a token (CAS calls this token a "proxy granting
ticket") that will be passed to the jabber server in place of a
real password.
On the client side the "tricky" part would thus be *before* the use of
javascript : you'll need some tool (an intermediary page or some
CAs-aware BOSH server) in order to:
1) re-authenticate the user against the CAS server and
2) ask the CAS server for the "proxy granting ticket" that will
be send (as password) to the jabber server ...
On the server side: You'll need a CAS-aware authentication backend, such
as pam_cas (if your server runs on unix and is PAM-aware).
Regards,
Jean-Marie.
> Regards
> --
> [email protected]
> https://inverse.ca/sogo/lists
--
[email protected]
https://inverse.ca/sogo/lists
